"Cyber-fighters of Izz ad-Din al-Qassam" launch wave of attacks on US banks.

On March 28, American Express' website went offline for at least two hours during a distributed denial of service attack. A group calling itself "the cyber-fighters of Izz ad-Din al-Qassam" claimed responsibility for the attack, which began at about 3:00pm Eastern Time.

In a statement, an American Express spokesperson said, "Our site experienced a distributed-denial-of-service (DDoS) attack for about two hours on Thursday afternoon...We experienced intermittent slowing on our website that would have disrupted customers' ability to access their account information. We had a plan in place to defend against a potential attack and have taken steps to minimize ongoing customer impact."

The American Express DDoS is part of a new wave of attacks started two weeks ago by the Izz ad-Din al-Qassam group, which launched a larger campaign targeting US financial institutions that began last September. The group's alleged goal is to force the take-down of an offensive YouTube video—or extract an ongoing price from American banks as long as the video stays up, which could be indefinitely.

These attacks are also part of a larger trend of disruptive and destructive attacks on financial institutions by apparently politically motivated groups, the most damaging of which was the attack on South Korean banks and other companies last week. It's a trend that has surprised some security analysts, considering that the financial industry has focused more on advanced persistent threat (APT) attacks and cyber-espionage in recent years.

Band of the Hand

Named after a Muslim cleric who led The Black Hand, an anti-British and anti-Zionist jihadist organization in the 1920s and 1930s, and sharing a name with the military wing of Hamas (which the group's statements claim it is tied to), Izz ad-Din al-Qassam has taken credit for a variety of attacks on US financial institutions over the past year, all allegedly in protest against the posting of trailers for the film The Innocence of Muslims on YouTube. Until the film is removed, the group said it would target "properties of American-Zionist Capitalists…This attack will continue till the Erasing of that nasty movie." [sic]

Unlike DDoS attacks waged by Anonymous in the past, the Izz ad-Din al-Qassam group has used scripts running on compromised Web servers to launch their attacks rather than "volunteer" desktop PCs or botnets of compromised Windows machines. That allows attacks to leverage larger amounts of available bandwidth.

So far, there have been three distinct phases of the group's attacks. Dan Holden, director of Arbor Networks’ Security Engineering & Response Team, told Ars in a phone interview that the previous two waves lasted between three and four weeks, with the group then taking a break—likely to do the work required to maintain their botnet of compromised servers and add to it as their existing bots are discovered and disabled.

And during the course of each attack phase, the group has been refining its attacks, as Ars' Dan Goodin reported earlier this year. In January, security firm Incapsula found a new variant of the group's attack tools, which spawned additional copies of itself on compromised servers to multiply the size of attacks.

There have been further refinements made to this approach in this latest wave, Holden said. "The biggest change is the maintenance and the growth in the botnet," he explained. "There has been a big investment on their part to keep the campaign growing. And they've added some twists and techniques to their tools as time goes on, focusing their attacks more on the particular applications of the banks they're targeting. Now there are particular tools being used for a specific set of banks."

That refinement is the result of months of analyzing the websites of the banks that Izz ad-Din al-Qassam has targeted. Holden said that during its past large-scale attacks the group also crawled the websites of its targets and used the intelligence collected during the attacks to learn more about their weaknesses.

Covering fire

While the Izz ad-Din al-Qassam group's attacks are apparently purely to disrupt banks' ability to do business, there is some concern that such denial-of-service attacks could be used as a cover for fraud activity by criminals operating botnets or using targeted attacks on banks to gain access to internal systems.

"Financial institutions are putting a lot of resources into countering DoS attacks," said George Tubin, senior security strategist at Trusteer, a firm that specializes in countering online financial fraud. "But what we have seen in the past is the use of DoS attacks to conceal a fraud attack. They create the perfect cover." While the banks' security resources are focused on trying to counter the DoS attack, he said, criminals could use other vectors to gain access to accounts and perform transactions in the background before they can be detected.

That's not to say that there's necessarily any collusion between the DoS attackers and any potential fraudsters, Tubin emphasized, although it was possible. "They could be coordinated, but they are also frequent enough and common enough that criminals could do their own targeted attack once they see a DoS on an institution."

Those targeted attacks are becoming increasingly costly to banks. An FBI fraud alert last September revealed that attackers had compromised several financial institutions by infecting the computers of employees with malware—including keyloggers and remote control software that allowed them to capture employees' passwords, access customers' accounts and make wire transfers ranging from $400,000 to $900,000.

A well-funded attack

Still, Holden said that it's unlikely that criminals are "coat-tailing" on the Izz ad-Din al-Qassam group's attacks just yet. "It would have to be one of the incidences where the attackers can tell the site is down, [but then they] wouldn't be able to get in anyhow. So it's not as likely."

But even if the group behind the attacks isn't profiting from them, Holden said it's clear that there are very real investments being made in their activities—maybe not in servers or hard assets, but in the form of countless hours of maintenance of the botnet by finding new servers to exploit, and further development of attacks.

"Regardless of who's behind this," Holden said, "it has to be funded at some level. Even if it's hacktivists, it's got to be funded hacktivism." That, he says, is because of both the amount of time dedicated to the attack, and to its ongoing refinement. "It's not that these are the most sophisticated things in the world," he explained, "but it has been getting more sophisticated, and it's growing."

The goal of the investment in the botnet hasn’t been to create the sort of massive DDoS launched on Spamhaus this week. Rather, Holden said, the goal seems to have "mainly been around being able to attack multiple targets. They're not interested in the biggest DDoS they can make—they're more interested in creating constant pressure to prove whatever they're trying to prove. They're in it for the long haul."

94 Reader Comments

After the Spamhaus/Cyberbunker incident, I think there is no excuse for any large organization to be affected by a DDoS attack. Spamhaus is much smaller than American Express, yet they handled an attack on a much larger scale for weeks (and it's still going).

When will these nefarious individuals and groups actually pay some kind of criminal price for this kind of activity?

I'm afraid that someday some deep-pocketed company will actually enlist the services of "investigators" to seek out the heads of these groups and pay them a "courtesy visit". Let's face it -- people like this have egos, so it wouldn't be exceedingly hard to track them down with unlimited resources.

Probably best that there were legal remedies in place (and actively pursued) to deal with them, vs. that alternative, no?

" Until the film is removed, the group said it would target "properties of American-Zionist Capitalists…This attack will continue till the Erasing of that nasty movie." [sic]"

Maybe targeting the properties of the "Cyber-fighters of Izz ad-Din al-Qassam" with a few cruse missles until the erasing of that nasty group would resolve the issue.

Too much? Maybe (although a tempting thought), but seriously, these types of things are getting out of hand now. This action makes them look like whinny cry babies. WHaaaaaaa me no like, want my way, Whaaaaaaaaa... for cripes sake. Every idiot in the world with a keyboard seems to think they automatically have some sort of right for things like this.

This action makes them look like whinny cry babies. WHaaaaaaa me no like, want my way, Whaaaaaaaaa... for cripes sake. Every idiot in the world with a keyboard seems to think they automatically have some sort of right for things like this.

Although isn't that just every protest, ever? The internet made everything easier, that includes protesting.

Legitimate protesting is focused on the objective, it does not involve those who are not the objective. This is just attacking for the sake of causing trouble and disruption in hopes that someone will give in like a crying baby expects its parents to give into its demands. This isn't legitimate protest. No one is going to respond with what they demand, its not reasonable to do so nor is it practical to do so, no one is going to give in to what is basically a cyber-terrorist action and would be out of their minds to do so because no one is going to remove anothers right to their expression of free speech (via you tube in this case) and that trumps their dislike. This is not an effective or legitimate protesting strategy, its an excuse to cause trouble. Even their own stated aims, the way they stated it, contradicts its self and indicates their real aim is to cause trouble.

This action makes them look like whinny cry babies. WHaaaaaaa me no like, want my way, Whaaaaaaaaa... for cripes sake. Every idiot in the world with a keyboard seems to think they automatically have some sort of right for things like this.

Although isn't that just every protest, ever? The internet made everything easier, that includes protesting.

Well, if you're going to protest, put your face out there, for starters. And your right to protest doesn't allow for interfering with my right to conduct commerce.

In this country (U.S.), can union supporters legally block the doors to Walmart so customers can't enter? Can pro-life supporters legally block the doors to abortion clinics?

No one is going to respond with what they demand, its not reasonable to do so nor is it practical to do so, no one is going to give in to what is basically a cyber-terrorist action

Nor is it possible to do so. No Islamist group has disbanded because their aims were met. Their ultimate objective i.e. the entire world following their extremist brand of Islam, will never be met. And until that time they will keep having excuses to attack.

No one is going to respond with what they demand, its not reasonable to do so nor is it practical to do so, no one is going to give in to what is basically a cyber-terrorist action

Nor is it possible to do so. No Islamist group has disbanded because their aims were met. Their ultimate objective i.e. the entire world following their extremist brand of Islam, will never be met. And until that time they will keep having excuses to attack.

The USA should be pulling any Aid other than some Humanitarian Food and/ore Medicine.Not one of those Islamic Nations should be getting a dime out of us.No Way should any Funds be getting in the hands of those Hamas, Hezbollah, and other Creep Terrorist Scum Bands.

Would also be a great idea to work even harder towards the goal of some kind of synthetic and/or Alt Petroleum................love to see a World that does not even need their Oil.

Legitimate protesting is focused on the objective, it does not involve those who are not the objective. This is just attacking for the sake of causing trouble and disruption in hopes that someone will give in like a crying baby expects its parents to give into its demands. This isn't legitimate protest. No one is going to respond with what they demand, its not reasonable to do so nor is it practical to do so, no one is going to give in to what is basically a cyber-terrorist action and would be out of their minds to do so. This is not an effective or legitimate protesting strategy, its an excuse to cause trouble.

Granted, it is perhaps misguided, but I don't doubt that they probably feel it is a good protest (or at the very least worth trying). My original point was really only that I felt your initial (parody) condemnation of their actions all too easily encompassed what is considered 'normal' protest. I don't have any issue with your elaborations at all. Although I would imagine, from their point of view I'm not sure there is any difference between an American company such as Youtube or an american company such as Amex, as long American is the common denominator they feel that they are protesting the 'objective'.

Did I read that 95% of hacking comes from China just the other day? Must be those Chinese behind it, let's add a tariff to foot ware made there. Probably state sponsored because we know. This is just a clever distraction, we know who the real enemy is. /s

There will always be malcontents and areas where crime and others misery is profitable. Hacking for money isn't something of fantasy. I would think the people behind this care little for the stated cause because the cause is a distraction and not a real achievable goal.

When will these nefarious individuals and groups actually pay some kind of criminal price for this kind of activity?

I'm afraid that someday some deep-pocketed company will actually enlist the services of "investigators" to seek out the heads of these groups and pay them a "courtesy visit". Let's face it -- people like this have egos, so it wouldn't be exceedingly hard to track them down with unlimited resources.

Probably best that there were legal remedies in place (and actively pursued) to deal with them, vs. that alternative, no?

This is where the (bunker busting) drones would come in handy Ka Boom! Next?

Legitimate protesting is focused on the objective, it does not involve those who are not the objective. This is just attacking for the sake of causing trouble and disruption in hopes that someone will give in like a crying baby expects its parents to give into its demands. This isn't legitimate protest. No one is going to respond with what they demand, its not reasonable to do so nor is it practical to do so, no one is going to give in to what is basically a cyber-terrorist action and would be out of their minds to do so. This is not an effective or legitimate protesting strategy, its an excuse to cause trouble.

Granted, it is perhaps misguided, but I don't doubt that they probably feel it is a good protest (or at the very least worth trying). My original point was really only that I felt your initial (parody) condemnation of their actions all too easily encompassed what is considered 'normal' protest. I don't have any issue with your elaborations at all. Although I would imagine, from their point of view I'm not sure there is any difference between an American company such as Youtube or an american company such as Amex, as long American is the common denominator they feel that they are protesting the 'objective'.

Yeah, they probably feel that way and that's one of the things that makes them idiots because they are too stupid to realize it is not going to work in the end.

This action makes them look like whinny cry babies. WHaaaaaaa me no like, want my way, Whaaaaaaaaa... for cripes sake. Every idiot in the world with a keyboard seems to think they automatically have some sort of right for things like this.

Although isn't that just every protest, ever? The internet made everything easier, that includes protesting.

Well, if you're going to protest, put your face out there, for starters. And your right to protest doesn't allow for interfering with my right to conduct commerce.

In this country (U.S.), can union supporters legally block the doors to Walmart so customers can't enter? Can pro-life supporters legally block the doors to abortion clinics?

I guess it's not always necessary to have a 'face out there' Anonymous is all about lacking a single identifier, although arguably this is their face.The whole point a protest is to cause a disruption so people take notice, the illegality of the disruption might not matter. Eg. the miners' strike in the UK, and to an extent the London riots a couple years ago.

" Until the film is removed, the group said it would target "properties of American-Zionist Capitalists…This attack will continue till the Erasing of that nasty movie." [sic]"

Maybe targeting the properties of the "Cyber-fighters of Izz ad-Din al-Qassam" with a few cruse missles until the erasing of that nasty group would resolve the issue.

Too much? Maybe (although a tempting thought), but seriously, these types of things are getting out of hand now. This action makes them look like whinny cry babies. WHaaaaaaa me no like, want my way, Whaaaaaaaaa... for cripes sake. Every idiot in the world with a keyboard seems to think they automatically have some sort of right for things like this.

Isn't "we went to war for some company's bottom line" one of the most common complaints about recent American forgien policy? But you want to start another war over Amex...

In a radical change of tactics 'Hackivist-Terrorists' bring the West to its knees by turning up the volume of TV commercials to intolerable levels and making website banner adverts unblockable, obtrusive and extremely flashy.

I'm not doubting the cost and problems that denial of service attacks make, but I'd rather see radical groups turn to this sort of thing than the taking of hostages and the subsequent beheading videos.

It's impossible to recover from a beheading, but being unable to check your bank balance online for a few hours is unlikely to prove fatal.

'Hackivist-Terrorists' took up two spaces with inconsiderate parking and then abandoned their shopping trolley in a disabled space instead of returning it.

No one is going to respond with what they demand, its not reasonable to do so nor is it practical to do so, no one is going to give in to what is basically a cyber-terrorist action

Nor is it possible to do so. No Islamist group has disbanded because their aims were met. Their ultimate objective i.e. the entire world following their extremist brand of Islam, will never be met. And until that time they will keep having excuses to attack.

The USA should be pulling any Aid other than some Humanitarian Food and/ore Medicine.Not one of those Islamic Nations should be getting a dime out of us.No Way should any Funds be getting in the hands of those Hamas, Hezbollah, and other Creep Terrorist Scum Bands.

Would also be a great idea to work even harder towards the goal of some kind of synthetic and/or Alt Petroleum................love to see a World that does not even need their Oil.

Or we could just stop subsidizing the Israeli military, (who get more from us than just about all the Arab nations combined) and watch most of the Anti American semtiment vanish.

Oh wait, then it would be harder for you to find an audience for your bigotry.

This action makes them look like whinny cry babies. WHaaaaaaa me no like, want my way, Whaaaaaaaaa... for cripes sake. Every idiot in the world with a keyboard seems to think they automatically have some sort of right for things like this.

Although isn't that just every protest, ever? The internet made everything easier, that includes protesting.

Well, if you're going to protest, put your face out there, for starters. And your right to protest doesn't allow for interfering with my right to conduct commerce.

In this country (U.S.), can union supporters legally block the doors to Walmart so customers can't enter? Can pro-life supporters legally block the doors to abortion clinics?

I guess it's not always necessary to have a 'face out there' Anonymous is all about lacking a single identifier, although arguably this is their face.The whole point a protest is to cause a disruption so people take notice, the illegality of the disruption might not matter. Eg. the miners' strike in the UK, and to an extent the London riots a couple years ago.

That's all well and fine, but you need to be willing to pay the price for your actions, too.

Remember in the 90s when ISPs and the government refused to do anything about spammers? We gave the spammers a massive window of "no consequences" in which to hone their skills and techniques, a period during which screwing up wasn't fatal. Look at how they have morphed, and how hard they are to stop now.

All the other hackers, the APT and the "political activists", are in their no consequences stage right now. They can afford to experiment, discover the best techniques, discard losing strategies. Imagine if you could try to rob a bank over and over again, with no chance of going to jail, until you finally got it right?

" Until the film is removed, the group said it would target "properties of American-Zionist Capitalists…This attack will continue till the Erasing of that nasty movie." [sic]"

Maybe targeting the properties of the "Cyber-fighters of Izz ad-Din al-Qassam" with a few cruse missles until the erasing of that nasty group would resolve the issue.

Too much? Maybe (although a tempting thought), but seriously, these types of things are getting out of hand now. This action makes them look like whinny cry babies. WHaaaaaaa me no like, want my way, Whaaaaaaaaa... for cripes sake. Every idiot in the world with a keyboard seems to think they automatically have some sort of right for things like this.

Isn't "we went to war for some company's bottom line" one of the most common complaints about recent American forgien policy? But you want to start another war over Amex...

I see you really did not understand the post, oh well...no chocolate Easter bunnies for you, but have hope though because maybe we will go to war for some company's bottom line then you can say 'see told ya so'

No one is going to respond with what they demand, its not reasonable to do so nor is it practical to do so, no one is going to give in to what is basically a cyber-terrorist action

Nor is it possible to do so. No Islamist group has disbanded because their aims were met. Their ultimate objective i.e. the entire world following their extremist brand of Islam, will never be met. And until that time they will keep having excuses to attack.

The USA should be pulling any Aid other than some Humanitarian Food and/ore Medicine.Not one of those Islamic Nations should be getting a dime out of us.No Way should any Funds be getting in the hands of those Hamas, Hezbollah, and other Creep Terrorist Scum Bands.

Would also be a great idea to work even harder towards the goal of some kind of synthetic and/or Alt Petroleum................love to see a World that does not even need their Oil.

Or we could just stop subsidizing the Israeli military, (who get more from us than just about all the Arab nations combined) and watch most of the Anti American semtiment vanish.

Oh wait, then it would be harder for you to find an audience for your bigotry.

Apparently a simple article like this is too difficult for a terror apologist to read so let me give you a tl:dr version:

They're attacking the US for allowing free speech and not silencing anyone who doesn't completely and unquestionably follow their prophet's orders.

This is just attacking for the sake of causing trouble and disruption in hopes that someone will give in like a crying baby expects its parents to give into its demands. This isn't legitimate protest. No one is going to respond with what they demand...

9/11 suggests otherwise. Those "protestors" were seeking attention for their cause and to create paranoia. In both cases they succeeded well beyond any reasonable expectation. The US reaction to 9/11 has all but guaranteed this type of thing for the indefinite future.

After the Spamhaus/Cyberbunker incident, I think there is no excuse for any large organization to be affected by a DDoS attack. Spamhaus is much smaller than American Express, yet they handled an attack on a much larger scale for weeks (and it's still going).

In Spamhaus/Cyberbunker case, though, the attack was on a static website where security isn't as big of a concern. In the case of American Express, they could potentially have a lot of their website encrypted and all the bank/account information would have to be retrieved from a database. This means that a caching method like Cloudflare probably wouldn't work. This also means it's much easier to bring down their website since they have probably targeted resources that are dynamically generated/encrypted. Instead of just consuming all bandwidth, I'd imagine they are probably loading the servers with requests for tons of pages/content.

No one is going to respond with what they demand, its not reasonable to do so nor is it practical to do so, no one is going to give in to what is basically a cyber-terrorist action

Nor is it possible to do so. No Islamist group has disbanded because their aims were met. Their ultimate objective i.e. the entire world following their extremist brand of Islam, will never be met. And until that time they will keep having excuses to attack.

The USA should be pulling any Aid other than some Humanitarian Food and/ore Medicine.Not one of those Islamic Nations should be getting a dime out of us.No Way should any Funds be getting in the hands of those Hamas, Hezbollah, and other Creep Terrorist Scum Bands.

Would also be a great idea to work even harder towards the goal of some kind of synthetic and/or Alt Petroleum................love to see a World that does not even need their Oil.

Or we could just stop subsidizing the Israeli military, (who get more from us than just about all the Arab nations combined) and watch most of the Anti American semtiment vanish.

Oh wait, then it would be harder for you to find an audience for your bigotry.

Apparently a simple article like this is too difficult for a terror apologist to read so let me give you a tl:dr version:

They're attacking the US for allowing free speech and not silencing anyone who doesn't completely and unquestionably follow their prophet's orders.

I guess the pertinent question is, who are "they" in your scenario? Because in the response to your post, Capital-letter-loving Dawnrazor seemed to be conflating countries with largely Muslim populations, and terrorist groups. Which is offensive at best, and racist at worst.

Anyone who believes that every Palestinian or every Syrian hates every American is sorely mistaken. And to assume that the views of a terrorist group or maniacal dictator represent the views of an entire population will only entrench hatred.

The USA should be pulling any Aid other than some Humanitarian Food and/ore Medicine.Not one of those Islamic Nations should be getting a dime out of us.

Why spend a few billion now to make things better for families and improve your reputation when you can just wait for those kids to grow up and spend a trillion or so on another pointless invasion? Of course a few years after that you'll just be back to square one anyway.

I'm not doubting the cost and problems that denial of service attacks make, but I'd rather see radical groups turn to this sort of thing than the taking of hostages and the subsequent beheading videos. [snip]

The trouble is, the cyber attacks are in addition to beheadings, not "instead of." This is a group of "our way or we'll kill you" extremists. No amount of appeasement will work. Ostracism by others who profess the same religion might work, but none seem to be willing to do so. (Or, at least I haven't heard them.)

This is just attacking for the sake of causing trouble and disruption in hopes that someone will give in like a crying baby expects its parents to give into its demands. This isn't legitimate protest. No one is going to respond with what they demand...

9/11 suggests otherwise. Those "protestors" were seeking attention for their cause and to create paranoia. In both cases they succeeded well beyond any reasonable expectation. The US reaction to 9/11 has all but guaranteed this type of thing for the indefinite future.

No, 9/11 does not suggest otherwise. Terrorism against the U.S., in its modern day understanding, to put it very mildly if not incorrectly 'protestors', existed before 9/11, they are, collectively, part of a movement that was actually attacking the U.S. or other country's back into the 1950's with bombings or other methods here and abroad. The more recent era leading up to 9/11 identifying the modern day middle eastern based terrorist began in the mid to late 1980's into the 1990's. Even our own home grown terrorists in the form of the KKK conducted terrorist style operations in the mid 1800's with the same type of excuses the modern day middle eastern terrorist uses based upon intolerance. The U.S. government restrained from going to war for many years, trying diplomacy and other methods, but 9/11 happened and it was simply too much that a defacto foreign military style planned force would come directly onto our soil basically en-force and plan and execute such an attack and invade our homeland, it could simply not be ignored or tolerated in the interest of peace or anything else. Seeking attention my butt, it was an outright planned and executed invasion, intentionally conducted to kill as many innocent people as possible. It was not a 'protest', it was not conducted against military targets only, it was aimed at civilian casualties to induce as much terror as possible and does not even begin to qualify as a true military action, it was intentional pre-mediated murder plain and simple. If you do not recognize the difference between attention seeking and pre-meditated murder then I feel sorry for you. You see that as a 'protest', are you off your medication or something? No, the U.S. reaction has not guaranteed anything, it was a justified response for what was basically an invasion and attack of our homeland and large scale pre-mediated murder, and any country would have done the same thing and strike back. Its been here for many years already, it existed in other parts of the world before that, and has always been here in one form or another in our country modern day history. There has never, not once, been a case where terrorism stopped simply because the terrorist got their way or someone did not react. Reacting to a terrorist threat or attack has nothing to do with what terrorist do or don't do, its simply what they do and what they have always done and no country influences it to start or stop or continue as it does that all on its own. It is always based or starts in every instance, in any history of terrorism, with some excuse given to wage some sort of jihad or carry out some sort of war like terrorist action for some perceived injustice or simply because the rest of the world is not meeting their religious tolerance standards or there is something they don't like and they want their way. Every single justification of the terrorist has always been some thin excuse to do something, its one of the identifying characteristics of terrorism that there will always be an excuse based upon some wrong in some way the terrorist perceives be it intolerance or simply something they do not like, its simply hatred mixed with insanity and their only cause is to kill, disrupt, or destroy. You are completely wrong in your very gross assumption and statements. I suggest you get a clue because as the country boys put it "that dog don't hunt" and you are completely delusional if you think 9/11 was the first time or that they were simply 'protesters seeking attention'. The number of innocent dead, the grieving family's of victims world wide, the statistics, history, the publically stated aims of terrorist groups all disagree with you and tell you they are not 'protesters' or 'seeking attention'. The terrorist groups all say their goal is to basically kill, destroy, and disrupt, and that is not 'protest' or 'seeking attention' that is premeditated and intentional threat and when acted on violently its murder and the rest even if not acted on violently in a specific act is support for the ultimate aim of kill and destroy.

There has never, not once, been a case where terrorism stopped simply because the terrorist got their way or someone did not react.

It worked for Israel.

The Stern Gang's newspaper, 1943 wrote:

Neither Jewish ethics nor Jewish tradition can disqualify terrorism as a means of combat. We are very far from having any moral qualms as far as our national war goes. We have before us the command of the Torah, whose morality surpasses that of any other body of laws in the world: "Ye shall blot them out to the last man." But first and foremost, terrorism is for us a part of the political battle being conducted under the present circumstances, and it has a great part to play: speaking in a clear voice to the whole world, as well as to our wretched brethren outside this land, it proclaims our war against the occupier. We are particularly far from this sort of hesitation in regard to an enemy whose moral perversion is admitted by all.

The writer forgot to link to the U-Tube clip 'The Innocence of Muslims' being used as a thin excuse for this vandalism.

I can't comment on the content, since it is so badly acted that I could watch only the first minute or so. The Streisand effect is a pretty good counter to censorship attempts of even terribly-inept material, so we may as well use it.